<?php
// Authorized Pages for each user type
if(isset($_SESSION["is_update"]) && $_SESSION["is_update"]) {
	$tab_pages["user_admin"] = array("login");

	$tab_pages["user_admin"]["main_link"] = APPLICATION_URL . "/login/update_login/?act=modifier";
}
else
{
	$tab_pages["user_admin"] = array(
		'login',
		'logout',
		'home',
		'validator',
		'user',
		'user_admin',
        'parameter',
        'static_page',
		'press',
        'business_solution',
		'category',
		'product',
		'product_download',
		'product_image',
		'product_info',
        'event',
		'applications',
		'design',
		'technology',
		'banner',
		'newsletter',
        'testimonial',
        'gallery',
        'member',
		'service',
		'technician',
        'booking'
	);

	// Default page for each user type
	$tab_pages["user_admin"]["main_link"] = APPLICATION_URL . "/home/list";
}

$tab_pages["annonyme"] = array("login","lost_password","wscontroller","log_email_unsubscription");
$tab_pages[""] = array("login","webservice","log_email_unsubscript");


function requireAuthenticationIP($arrModule)
{
    $control = DRX::load("controller");
    $action = DRX::load("action");

    if(isset($arrModule[$control])){
        if(in_array($action, $arrModule[$control])){
            return false;
        }
    }
    return true;
}

function is_utilisateur_connecte() {
	global $g_user,$controller;
    
	if(is_page_courante('validator')) {
		if(!isset($_SESSION['userID']) || $_SESSION['userID']==USER_AUTO_LOG || $_SESSION['userID']==0) {
            
			if(!requireAuthenticationIP($arrControlerNotVerifyIP) || true  ){
				$acces = new Login();
                
				$acces->getFromId(USER_AUTO_LOG);
				$_SESSION['user_serialize'] = serialize($acces);
				$_SESSION["userID"] = $acces->ID;
				$_SESSION["annonceurID"] = $acces->ID_ANNONCEUR;
				$g_user = unserialize($_SESSION['user_serialize']);
				$_SESSION["is_regie"] = $acces->IS_REGIE;
				$_SESSION["is_agent"] = FALSE;
				$_SESSION["agentID"] = 0;
				$_SESSION["is_annonceur"] = FALSE;

				if ($acces->getIS_REGIE() != FALSE) {
					if ($acces->IS_REGIE == ADMIN_SFR)
					{
						$_SESSION["userClasse"] = "user_regie";
					}
					elseif ($acces->IS_REGIE == ADMIN_SUPPORT)
					{
						$_SESSION["userClasse"] = "user_support";
					}
					//$_SESSION["annonceurID"] = $acces->getID_ANNONCEUR();
				}
			}
		}

	}
    
	return  isset($_SESSION['userID']) &&  $_SESSION['userID'];
}

// Check if user is correctly connected
if (!is_utilisateur_connecte()) {
    
	if (!is_page_courante('login') && !is_page_courante('index') && !is_page_courante('lost_password') )
	{
			if ( isset($_GET['FUNC']) && isset($_GET['VAL_NUM']) ) {
				$_SESSION['url_demande'] = '';
				echo  "ajax_timeout";
				die();
			}else {
				$_SESSION['url_demande'] = '';
				redirect(APPLICATION_URL . '/login/login/?return_link='. urlencode($_SERVER['REQUEST_URI']));
			}
	}
	elseif (is_page_courante('index.php') ) {
		$_SESSION['url_demande'] = '';
		redirect(APPLICATION_URL . '/login/login/?return_link='. urlencode($_SERVER['REQUEST_URI']));
	}
	elseif (!isset($_SESSION['url_demande'])) {
		$_SESSION['url_demande'] = '';
	}

}


// User directly requested login.php
elseif (is_page_courante('/login/login.php')) {
    
	$_SESSION['url_demande'] = '';
}

if (!isset($_SESSION["userClasse"]))
	$_SESSION["userClasse"]='annonyme';

$smarty = DRX::load("smarty");
$smarty->assign("user_classe", $_SESSION["userClasse"]);
$smarty->assign('is_utilisateur_connecte', is_utilisateur_connecte());

if (!isset($_SESSION["userID"]))
	$_SESSION["userID"] = 0;

$smarty->assign("user_id", $_SESSION["userID"]);

if(isset($g_user) &&  !$g_user->isAllowedAccessProject())
{
    
	die("Access is forbidden!");
}
// check whether or not current account was DISABLED or DELETED from LOGIN table
else if($_SESSION["userID"] != "" )
{
    
	 $login = new Login();
     
	 if(!$login->isExistLoginID())
	 {
		// free all SESSION variables
		session_unset();
        
		// redirect to login page
	 	redirect(APPLICATION_URL . '/login/login/?return_link='. urlencode($_SERVER['REQUEST_URI']));
	 }
     
     
}

// Check authorizations

$controller = DRX::load("controller");
$action = DRX::load("action");
if (isset($controller)) {
	if (!in_array($controller, $tab_pages[$_SESSION["userClasse"]]) &&  !is_page_courante('webservice') &&  !is_page_courante('log_email_unsubscript')) {
		redirect($tab_pages[$_SESSION["userClasse"]]["main_link"]);
	}

	if (isset($g_user) && !$g_user->isSupervisor()){
		if ($controller == 'parameter' || ($controller == 'user' && $action != 'changemypass')) {
			redirect($tab_pages[$_SESSION["userClasse"]]["main_link"]);
		}
	}

	$smarty->assign("g_user", $g_user);
	$smarty->assign("section", $controller);
}
else {
	die("La variable section n'est pas encore definie");
}